Rob Crittenden
Rob Crittenden
Fixes: https://pagure.io/freeipa/issue/9367
Clone of IPA issue https://pagure.io/freeipa/issue/9604 # ipa-replica-install ... Configuring KRA server (pki-tomcatd). Estimated time: 2 minutes [1/10]: creating ACIs for admin [2/10]: creating installation admin user [3/10]: configuring KRA instance...
In the wild a public CA issued a new subordinate CA certificate with an identical subject to another, with a new private key. This was uninstallable using ipa-cacert-manage because it...
python3-cryptography for rawhide, python3-cryptography-43.0.0-2.fc41.x86_64, is showing a couple of deprecation warnings. These don't include a "will be removed at version X" which they sometimes do so urgency is difficult to...
The lmdb performance for VLV indexes is not great so the PKI team recommended we switch from sequential serial numbers to Random Serial Numbers (RSN). The first time a non-bdb...
IPA supports up to 60 replication agreements. Report a CRITICAL error if the total number of agreements is exceeded. Do this both for IPA replication agreements and PKI agreements.
This is running a limited set of tests to validate basic installation and so some initial sanity checking. Manual testing shows the code working. ## Summary by Sourcery Migrate IPA...
Setting the HSM options in a pki-override-file will result in a successful installation but it affects the storage of the token library path. It is stored as None. We could...
We previously called out to certmonger to have it directly obtain certificates from the CA. Instead use the CA-generated /root/ca-admin.p12 certificate to authenticate using the pki tool to generate the...
Add cert approval workflow, extend certprofile to return all There is a goal to switch certmonger to use the IPA API for all certificate operations post-installation. To do that there...